Changes fall into these categories:
1. Avoid pathological string building. Loops over x = x .. "foo" can
become very slow. Instead, use strbuf.lua, table.concat, or just one
continuous concatenation; a = x .. y .. z is one operation, better than
a = x .. y; a = a .. z
2. Use hex-escaped strings instead of string.char. I find this more
readable in many cases, and it avoids a table lookup and function call.
3. Don't duplicate code. A few libraries and scripts had re-implemented
stdnse.generate_random_string or openssl.rand_bytes.
The logic:
byte12 == ("03" or "04")
is the same as:
byte12 == "03"
so the second comparison was never able to succeed.
Additionally, some expressions were simplified, such as not formatting
numbers into strings in order to compare them.
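The `("03" or "04")` pitfall described above, as an added Lua example (not code from the Nmap commit itself); `byte12` and the sample values are constructed for illustration:

```lua
-- In Lua, `a or b` returns `a` whenever `a` is truthy. A string literal is
-- always truthy, so ("03" or "04") evaluates to "03" *before* the comparison
-- runs, and the "04" branch is dead code.
local function buggy_check(byte12)
  return byte12 == ("03" or "04")
end

-- Intended logic: compare against each accepted value explicitly.
local function fixed_check(byte12)
  return byte12 == "03" or byte12 == "04"
end

-- Same intent expressed as a set lookup; easier to extend and audit when
-- the list of accepted values grows beyond two.
local ACCEPTED = { ["03"] = true, ["04"] = true }
local function table_check(byte12)
  return ACCEPTED[byte12] == true
end

-- Constructed inputs: both values that should be accepted, plus one that
-- should be rejected.
for _, v in ipairs({ "03", "04", "05" }) do
  print(string.format("%q  buggy=%-5s fixed=%-5s table=%-5s", v,
    tostring(buggy_check(v)), tostring(fixed_check(v)), tostring(table_check(v))))
end

-- Self-checks: the buggy form silently rejects "04", the two corrected
-- forms agree with each other on every input.
assert(buggy_check("03") and not buggy_check("04") and not buggy_check("05"))
assert(fixed_check("03") and fixed_check("04") and not fixed_check("05"))
for _, v in ipairs({ "03", "04", "05" }) do
  assert(fixed_check(v) == table_check(v))
end
```

The same `or` short-circuit behaviour exists in Python and JavaScript, so a check written this way can never succeed for the second value in those languages either.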
Mostly splitting function summaries (the first paragraph of NSEdoc) from
the body of the description to make the summary indexes shorter and
easier to scan.
Also fixed some unbalanced code tags like <code>foo</table>
Reported: http://seclists.org/nmap-dev/2014/q3/378
Changes the default timeout for rpc.lua from 30s to 5 times Nmap's
calculated host timeout or 10s if no timeout info is available.
ssh-hostkey was hitting an assertion failure when scanning OpenSSH 6.7.
The cause was a failure to check for a shared KEX algorithm. We just
assumed diffie-hellman-group1-sha1 would be supported, since RFC 4253
says it "MUST be supported". This adds support for group14, which is a
2048-bit modulus; key strength was likely the reason for dropping
group1. A more complete solution would be to support more KEX
algorithms, but that's beyond the scope of the bug report.
$ svn merge -r r33518:r33513 .
and removed the added scripts from script.db.
The branch needs further refinement/testing for Windows and Mac before merging
into the trunk. There is also the latent EOF bug which is giving performance
issues.
Further work on the branch will continue in Devin's latest branch:
/nmap-exp/devin/nmap-libssh2